With a sense of regret, I must announce that I'm beginning a process of closing my accounts with BitPay, Coinbase, and various other web-based bitcoin services, including, but not limited to, any accounts I have on brokerages or exchanges whose services are presented primarily through website-based interfaces. This message has first been posted on the Bitcoin Foundation forum, and will be sent by e-mail to bitcoin businesses or software project contacts listed above. This is a difficult decision, especially since I have watched as companies like BitPay and Coinbase lead the way with innovations (such as BitPay's Copay, and Coinbase's collaboration with BitMonet to facilitate micropayments). While this decision will not make my life easier, I consider it to ethically sound, and I look forward to using more decentralized models, such as (but not limited to) those presented by OpenBazaar, BitXBay, Counterparty, and Lighthouse, for my use in the very near future.

In part, my decision to close these accounts is due to the decision of BitPay, Bitstamp, and many other companies, to back the deeply flawed Windhover proposal, which - while innovative and exciting in many ways - unfortunately contains a poison pill that favors regulation of decentralized identity (referred to in the Windhover proposal as 'Proportionate Enforcement and Risk-based regulation') in a way which exchanges user privacy for temporary legal security that may be enjoyed for a short while by the companies which have backed the Windhover proposal.

As society moves into the realm of exploration of decentralized identity, and takes greater responsibility for matters relating to currency, production, identity, growth and sharing of food, giving processes, and more, it is vital that our decisions be honored when we attempt to move forward without utilizing hierarchical corporation-state regulation of identity (no matter what corporation-state in the world such regulations or laws may originate from). Our identities need not comport with nor answer to regulatory efforts. Throughout history, classical identity has been used for various types of slavery and genocide. Regulated identity has formed the basis for indirect controls that are used to coerce people in society in ways that are difficult to resist, as well as providing the backbone for systems which force many to release their funds to organizations of various corporation-states that profit from global warfare. This is an untenable situation that calls for a different direction: one in which strong public cryptography will form the basis for liberative trans-identical systems which are voluntary, cannot be enforced, and provide options of anonymity and the means to express numerous facets of individual or group identity.

However, my decision to begin closing down the accounts as mentioned above is not based solely upon the decision of various firms to back the Windhover proposal. It is also emanates from my reflections upon whether or not the web-based systems are viable business models for our future. This is not to say that I do not care about the development of the increasingly used website-based business solutions in the bitcoinisphere, because I do. I have repeatedly advocated both within the context of government proceedings on bitcoin (so as to raise awareness of implications of its use), and in discussions involving various private groups and cryptography professionals, that privacy and anonymity should be emphasized. I've also suggested to standards-based organizations (such as the W3C) that curves utilized in bitcoin and other decentralized, distributed-digital systems be utilized in the WebCrypto API. I deeply care about the progress of bitcoin and would like to see organizations who present offerings through website-based interfaces utilize zero-knowledge configurations to protect their customers from oppression, censorship, and jail time imposed by unreasonable corporation-state organizations. Unfortunately, the interest that most companies have in 'onboarding' customers, seems to have taken priority over development of systems that would protect privacy and anonymity of the users. This ultimately works against the userbase and against the bitcoin ecosystem itself. Responsible development does not rest upon its laurels in the context of any regulatory approval (or absence thereof), but rather, is exemplified by proposals where the code itself protects the user from disclosure, regardless of any external actions from interested organizations. In such a context, the code itself can be designed to balance accountability and privacy while ensuring that a user's identity is not disclosed, or to disclose transactions that exceed a certain limit, but should never be used to censor transactions that do not incorporate taxation, for example. Such distributed-digital cryptosystems should always be voluntary in nature, and always offer users a choice as to whether they wish to engage in facilitating taxation (regardless of where it occurs in the world) or not. Mandatory regulation in its many forms relies upon coercion and violence in order to succeed. Consensus-based, voluntary systems offer reasonable alternatives to the coercive and often violent systems which most people must use today.

In closing, I ask that the companies who may see this letter consider more deeply the privacy of users, and do the following to protect the many users of their services who will undoubtedly grow over time:

- Implement zero-knowledge processes (not only in authentication to your services, but in all aspects of how customer data is managed) so as to protect the users from yourselves (and from anyone else).

- Renew and redouble efforts to decentralize exchanges, brokerages, and identity systems that are used to correspond to these. Examples of such decentralization, which involves varying degrees of user control and privacy, can be found as utilized by Keybase, OpenBazaar, and Mastercoin. (Notably, Mastercoin, in addition to presenting a decentralized exchange, is also working on warrant canary processes.)

- Provide users with the option of anonymity 'built in' as a core aspect of systems you work on, and where anonymity does not exist for a system you work on because of technological limitations, work to support its development.

- Support and respect those who choose the path of utilizing decentralized identity that does not comport with classical regulation or classical identity (examples: BitName, IDMAS). Do not censor or exclude such users.

Share this post

Link to post

Share on other sites

The press releases have been a little unspecific so far, but the so-called windhover principles seem to aim at creating just a very good illusion of privacy - while in fact it's an all you can eat buffet for government agencies all over the world.

2

Share this post

Link to post

Share on other sites

When I discuss or exchange info with someone, I really like to know more about them. For example, in this forum I usually check LinkedIn. More info about the person can help to better understand their viewpoint. Also, no info can add more questions than answers. So too much privacy can have negative impacts on communications. For banks or investment firms, I can understand why the AML/KYC laws and regulations can have benefits.

2

Share this post

Link to post

Share on other sites

When I discuss or exchange info with someone, I really like to know more about them. For example, in this forum I usually check LinkedIn. More info about the person can help to better understand their viewpoint. Also, no info can add more questions than answers. So too much privacy can have negative impacts on communications. For banks or investment firms, I can understand why the AML/KYC laws and regulations can have benefits.

See my more detailed thoughts on this here. I disagree on your point related to suggestions that we should comply with AML / KYC / NYC / TISA / FATCA / RussianFederation / NorthKorea (etc., etc., etc.). It's not proper for coders to facilitate an ancient and dying system, and projects that do will be left in the dust as users migrate to solutions that protect themselves and their communities. Not to mention the billions of unbanked that already aren't giving their information to any companies at all and that operate completely outside of the highly priveleged world which the corporation-state is designed to "protect." I do not view the corporation-states' mechanisms as "protection," but rather as an elaborate coercion. In addition, it is entirely possible to know more about someone both through in-person communication and as well, through trustless systems that offer anonymity coupled with web-of-trust frameworks. A new world is possible ~ and indeed, as I've pointed out in a prior post here, it's not just possible, it's inevitable!

To get a better sense of community sentiment on these topics, check out the many thoughtful remarks in the reddit post linking to this Bitcoin Foundation forum thread, which incredibly went 'to the top' for a while and appears to have approximately 90 percent upvotes.

Thank you for your post, Colin. Also, thank you for pointing out the use of a warrant canary, which will become increasingly important in the days ahead.

I agree, and will add that I hope that the Foundation moves to adopt my proposal for a Bylaws change ~ which I'm waiting for word on regarding a final vote ~ and I hope that the Foundation collaborates with professionals to lay out concise and clear methodologies that businesses can use to implement full zero knowledge processes as well as a greater level of decentralization, in a manner that respects and supports users who choose the path of utilizing decentralized identity that does not comport with classical regulation or classical identity (examples: BitName, IDMAS). If you don't or can't, then you're just throwing users to the whims of highly oppressive organizations who will then take users at gunpoint into jail because they don't want people to express themselves or take responsibility for our shared future. (edit: As an aside, I recommend interested organizations check out, and consider joining, the newly created Seppuku Pledge site, which will soon have its own content, designed to encourage businesses to join and 'make a pledge' ~ at the time of this post, it currently redirects to a Cryptostorm forum page that addresses the topic.)

The Board should take a stance against the regulatory element of the Windhover proposal, but the user base isn't waiting for the Foundation to act or to approve or disapprove of something. We're moving ahead to protect our information, and support anonymity, with or without the Foundation, and where technology doesn't offer solutions, we will build and support solutions that do provide inherent anonymity and respect for users that will not follow the Facebookian corporation-state mode of identity.

1

Share this post

Link to post

Share on other sites

If I had a business and was looking for investors, I would certainly want to know where their money was coming from and what was really expected in return. If they were bad actors with lots of money, their investments may require more than what was on a paper contract. It's ok to trust, but some level of verification is just good business practice.

Share this post

Link to post

Share on other sites

If I had a business and was looking for investors, I would certainly want to know where their money was coming from and what was really expected in return. If they were bad actors with lots of money, their investments may require more than what was on a paper contract. It's ok to trust, but some level of verification is just good business practice.

John, you're missing the point. What's at stake here, at the core of my long-winded post, is choice. If you don't feel that people should have a choice in the systems they choose to transact and communicate with, you're in the wrong place ~ Bitcoin (the protocol) is a voluntary, consensus based system. In like manner, businesses that use the bitcoin protocol need to honor people's agency and ability to choose ~ whether that's in the form of exercising anonymity or expressions we choose in the spirit of full disclosure ~ including, but not limited to, our identity choices.

So, I think you missed the point of this. But if you're going to get into the nitty-gritty of details of "where money is coming from" for a hypothetical venture you or others might engage in, then it's up to you to decide not only from who and at what scale you will seek funding, but how you want your funders to communicate their interest to you. It should be your choice and theirs as to how you communicate, identify yourselves, verify each other, and develop trust (to the extent that is necessary for any particular venture you might develop), and if they're not happy with the conditions you desire for communication regarding your venture, and the matter can't be resolved, then they shouldn't invest in your venture (or you shouldn't accept their funds). Again, the core of the matter is choice ~ not a false 'choice' that someone or something external to your communications imposes, but one that all parties to your agreement can live with.

With that said, I recommend you take a look at (or re-read, if you've already seen it), Dr. Washington Sanchez's (et. al.) work on Ricardian contracts, which I think you will likely take particular interest in if you haven't seen it before.

Share this post

Link to post

Share on other sites

This is another front where businesses and consumers may disagree. Since this organization is made of both, we should anticipate differences of opinion and make sure there are opportunities for dialogue.

In part, my decision to close these accounts is due to the decision of BitPay, Bitstamp, and many other companies, to back the deeply flawed Windhover proposal, which - while innovative and exciting in many ways - unfortunately contains a poison pill that favors regulation of decentralized identity (referred to in the Windhover proposal as 'Proportionate Enforcement and Risk-based regulation') in a way which exchanges user privacy for temporary legal security that may be enjoyed for a short while by the companies which have backed the Windhover proposal.

I haven't heard any comments from the companies that are supporting this proposal nor am I aware of their general perspectives on privacy, identity, and financial surveillance. Frankly, this Windhover proposal is hand-wavy and conceptual in such a way that makes it difficult to assess the trade-offs without understanding specific implementation. Can we get some engineers to comment on this?

Until then, I'm not sure that this is better or worse than what we've got now.

2

Share this post

Link to post

Share on other sites

Posting the below response on behalf of John Henry Clippinger of ID3 to clear up some fundamental confusion around the Windhover Principles and the people behind this open initiative, some of whom have been working tirelessly on behalf of constitutional rights in the digital age for their entire lives.

So much of the debate around regulation is a lot of unsubstantiated noise about the public policy balance that is at the essence of our social contract. What we are attempting with the Windhover Principles is to draw conceptual lines in the sand to hold us accountable to important human values in building technologies yet to emerge, and create breathing room for all innovators to reiteratively develop, test, and deploy proof of concept on technologies that preserve self-determination and self-expression in this brave new, and some argue, post-nation-state world. Breathing room that allow us to recalibrate that public policy balance based on the real risks and benefits, not merely those espoused by authorities.

The second Windhover Principle is the concept that governmental interference –if any – must be transparent, auditable and focused on very limited access and visibility proportionate to achieve specific public policy goals (purpose), rather than the continued assertion of an unsubstantiated right to the intrusion or information itself (means). What this means in terms of new technologies, is that in a world where “closed shops” have morphed into a transparent public ledger visible on the Internet in real-time to regulators and law enforcement, these stakeholders have unprecedented visibility into transaction networks rendering it unnecessary to continue to commandeer private institutions to collect ever more personally identifiable information for analysis after the fact, with a personally identifiable data trail for every transaction for ten years regardless of amount (see NYDFS BitLicense Proposal). Moreover, the essential transparency of the public ledger, which renders detailed financial information tied to individuals, underscores the necessity to develop new tools that enable consumer privacy to the public writ large. As applied to these examples, the Second Windhover Principle is intended to protect us against unfettered expansion of government access without real substantiation of the public gains, and in fact allow us to meaningfully cut back on government access where new technologies require us to recalibrate the areas for public concern.

In sum, the Second Windhover Principle stands for our right to limit government access to that which is actually needed in the 21st century world, not in the service of long cherished narratives of “protecting the public” and unquantifiable “risk”. It is intended to shape the dialogue so that as technology changes, government actions become not only accountable to the public, but must be reiteratively rebalanced to be proportionate to the real risks posed by technologies, not just a reduction of “anti-money laundering” and “counter-terrorist financing” concerns. It may help close the door on unsubstantiated data collection and surveillance as outdated financial regulations continue to be misapplied to these technologies.

I personally convinced John and his group to move up the development of the Principles and helped coordinate with these companies this fall – all of whom care deeply about user privacy and brave many challenges on your behalf in this regulatory quagmire – because there is an opportunity, now as regulators digest public comments (e.g, BitLicense), to undercut the cumbersome and ineffective machinery of regulation policymakers are proposing, and to show a better way forward. The smart policymakers secretly acknowledge that the technologies, the pace of change, the efficacy of the very rules they enforce, the system to which they are tied, are difficult challenges indeed. The OMS platform is the foundational iteration for first efforts to fill the regulatory vacuum with sound technical solutions showing proof of concept of some of the ways we, as an industry, can help regulators meet public policy mandates - the real ones – while allowing us to build out systems that reflect our values, not those of “authorities”. Whether you chose to work on this initiative, or another, the breathing room for technical experimentation - and fundamental proactive shift in the regulatory conversation from mere compliance with rules to building the correct rules – benefits all entrepreneurs.

As humanity and technology has advanced, traditional structures of privilege and power that are nevertheless cloaked in the robes of law are now being challenged. There are many ways to affect change. Radical self-reliance and protest is one. Engagement with stakeholders, no matter how distasteful some are, another. To build it, so they will come, yet another. There is no doubt that the balance must be recalibrated and critical mass of people who demand transformative change is absolutely necessary. Divide and conquer is the oldest trick in the book, so let’s build each other up, not tear each other down.

Best,

Constance Choi

1

Share this post

Link to post

Share on other sites

The Windhover Principles were drafted by a diverse group of volunteers from around the world, who throughout their lives have been committed to the principles of self-expression, the right of assembly and economic self-determination. Our backgrounds include lifelong commitments in the American civil rights and anti-war movements, and the support of open source solutions to societal challenges. We have been directly involved in the creation and support of Creative Commons, open data, and peer-to-peer collaboration, production and governance. With our founding of the Law Lab at the Harvard Berkman Center, we explored new computational legal models for contracts, economic exchange and for the protection of personal data.

Perhaps it is a failure of imagination, but we cannot see any viable nor scalable social ordering where there is no identity, no oversight, no accountability. But perhaps this is not what Colin Gallagher is saying, as he does conclude with a call for sensible measures for protecting identity and privacy, and poses the alternative of a “consensus-based, voluntary system”. That is precisely what we are proposing in the Windhover Principles; it is opt-in, and a set of principles, not prescriptions, that are grounded in the notion of “self-sovereign identity” and “decentralized autonomous authorities”. It is hard to get all of that on one page.

Colin argues thoughtfully and eloquently about the need to protect individual’s privacy and identities. He rightfully chastises governmental authorities for their abuse of their powers as identity authorities to perpetuate “various types of slavery and genocide,” not to mention, “global warfare.” We also concur with his call for “voluntary trans-identical systems” that “provide options of anonymity and the means to express numerous facets of individual or group identity.”

The problem with developing a one-page statement of principles for a general public - a diverse audience with multiple stakeholders whose consent and participation is vital - is that no matter how artfully you try to express them, there are going to be gaping ambiguities, and hence, fodder for confusion and mischief. A foundational principle of the Windhover Principles is the notion of “self-sovereign identity”, which means, in principle and in architecture, that the individual is the originator and controller of their root identity. It is not under the control of any state, corporation or “authority”, and it should be decentralized, encrypted and secure. To do this in practice is a big deal and significantly alters the rights and powers of Colin’s much distrusted states and authorities - a sentiment we share as well. We, too, espouse and support the anonymity of root identity within OMS (Open Mustard Seed), which does not store any personally identifiable information, and offers the option of multiple pseudo-anonymous identifiers (personas) for individuals, groups and IoT. We also use zero-knowledge methods to protect personal data, strive to eliminate “crumbs”, and aim to strictly defeat attempts for re-identification.

Moreover, we specifically address the issue of any entity - government, bank, or vigilante - getting unpermitted access to anyone’s personal data. If you look at the OMS architecture, it is decentralized, autonomous and trustless in its design from bottom to top. To say, as one fellow commentator did, that the Windhover Principles is an “all you can eat buffet for government agencies all over the world” is simply factless and baseless. To the contrary, the Windhover Principles and the architecture of OMS were designed ab initito to prevent such a “buffet” by any actors – government or private.

Where we do substantively disagree with Colin is in the notion of rule of law. We believe that people, companies, voluntary organizations and even governments need enforceable contracts - where all parties to the contract are held to account. What the blockchain, smart contracts and “decentralized-autonomous-authorities” (“DAOs”) enable is truly revolutionary, a tamperproof, and transparent, contextualized “blind justice” for ALL parties to a contract, including government actors such as regulators. These developments enable us to fundamentally shift the balance of power from decaying and corrupt systems into participatory, just, and inclusive models. How such contracts – social and commercial - would be written and enforced is subject to huge variation and, we hope, continuous, open innovation (something also supported by the Windhover Principles). And it will take time.

No one regulatory approach is suitable for all situations. This is the fatal flaw in “classical” “regulatory” processes. To quote the poet William Blake, “The Law of the Lion and the Ox is Oppression”, which is to recognize the need for a plurality of “laws” but not to argue that there is NO law. This seems to be main the point of contention, as we understand Colin’s argument. To argue that “proportionate enforcement and risk-based regulation” – our call to hold governments accountable to the concept that even seemingly legitimate access and enforcement cloaked in the robes of legality must be transparent and directly proportionate to the real societal risks – are a “poison pill” implies that any regulation, any oversight, any enforcement, where the parties have to be identified in some form and held to account is strictly verboten. That simply is unrealistic and naively Utopian.

We favor, and indeed, have implemented decentralized oversight through smart contracts that can be independent of government tampering, fishing expeditions, back doors, etc., through a trustless escrow system, where regulators would be required to present digital warrants based upon auditable “probable cause.” This is how we see the rule of law manifesting itself in this new decentralized world we all are so excited about. It shifts the current, broken state of affairs – preemptive, closed-door data collection and surveillance by government and private parties - into decentralized trust networks with auditable, transparent access in limited circumstances that we, as a society, agree upon, and consent to. We are wholly agnostic about how individuals, groups or governments implement such “rules” or “regulations”, and we expect to see a full spectrum of variants – on this platform and others – from complete anonymity to full disclosure dependent upon context and consent.

So take another look and don’t give up your accounts on BitPay and Bitstamp, because the Windhover Principles really are not a secret NSA plot, but a genuine, open, and evolving collaboration among your compatriots in this brave, new, decentralized blockchain world, to make it sensibly free and viable.

To get a more complete understanding of who we are and what we advocate, you can download our new book for free (www.idcubed.org), From Bitcoin to Burning Man and Beyond: The Quest for Individual Identity and Autonomy in Digital Society (2014).

have betrayed the users by virtue of their adoption of the 'poison pill' within the Windhover principles ~ these, over twenty organizations, have colluded to develop significant regulatory controls on your identity and freedom to transact as you desire, and more. They will not have my business. That is not a matter of debate, and it is not a subject for dialogue.

On the other hand, I do hope that some of those companies will back away from their support of the regulatory component of the Windhover identity principle. I would certainly feel better about companies that would make such a decision (to rescind their support for the regulatory element of the Windhover proposal).

Nonetheless, you'll note as I've expressed in my post, that this is not merely about Windhover. One of the companies that I'm closing my account with is Coinbase, which is not listed as a Windhover supporter. Why? You'll note that the problems of user data being disclosed to not only corporation-states, but being exposed to a wide variety of malicious private actors (individual attackers, associations that manage and deploy botnets, and more) ~ which is a byproduct of Coinbase's (and other similar companies') business practice of retaining substantial amounts of customer data, and divulging it to organizations that we would never want to share personal information with ~ necessarily results in my departure from web-based services, particularly in light of the fact that they have not adopted the privacy and anonymity principles described in my post. In light of the recent iOS debacle reported on Oct. 23, 2014 which included pointed revelations about what Apple has done to its users, I strongly suspect that the concern about these issues will only grow.

This is another front where businesses and consumers may disagree. Since this organization is made of both, we should anticipate differences of opinion and make sure there are opportunities for dialogue.

As you may know, Brad, in the past I've helped get dialogue projects funded and implemented in situations where that was appropriate. From my background in dialogue and community projects, which I've had the honor and opportunity to support both in the international context as well as here in the USA/EEUU, and which I've also published a study of, I can tell you with certainty: Dialogue is not decision-making. It is informative and useful in situations where parties are able to share information and possibly inform their future actions and decisions. If anyone has ever had to fund and help coordinate community dialogues, one of the first things you will understand is that dialogues can be designed for almost any situation imaginable, particularly where communities have tensions, but you should never, ever demand as part of a dialogue that someone offer a compromise on core issues.

A well-run dialogue results simply in people of all backgrounds and views to share perspectives and learn from each other in an open environment. Dialogues are conducted differently depending on the scenario, but there are some well-understood concepts that are used by professionals in dialogue and deliberation often, and you can read about some of these concepts in some of the pages of my linked study above.

But as people are carted off to jail or worse because they want alternatives to our current system, dialogue is not a logical response. To be sure, companies will find different ways to protect users and offer them options of anonymity, but that's a technical discussion ~ something for the mailing lists and tech conferences. You can't "dialogue away" people's rights, and in the context of this discussion, you cannot remove our desire to be free from an oppressive system that funds torture, surveillance, war, and antiquated corporation-states that are still tenuously struggling to impose their vision of Hegelian romantic nationalism upon the rest of the world. It's untenable, and the world isn't willing to stand for it, as anyone who has been alive (and has observed numerous nations (and dictatorships) fall since 1980) will openly acknowledge.To exercise anonymity is a choice ~ a choice that you cannot prohibit or permit, a choice that is made by individuals, communities, and soon, entire societies. It is a matter of societal evolution, and you are witnessing a massive shift in how the world works.As this really is about choice, it would certainly be reasonable to conclude that some organizations' refusal to accomodate anonymity means that there will be other organizations or projects that will enable people to exercise anonymity in the context of transactions, trans-identical interactions, and in many other ways. Much as some corporations have competed with each other to see just how much they can profit from abuse of the users' information, there will always be examples and competing organizations (such as corporations) or projects (such as software projects and repositories that are released freely without any profit motive) whose sole purpose will be to shield the user from the coercive and oppressive hand of the corporation-state itself. The corporation-states of today will survive, but they too have a choice: They can adapt, or find themselves behind the curve and in a place of diminishing relevance. To what would they be adapting? To the reality of a growing number of people who understand that it is a choice as to whether or not to contribute to the operations of the corporation-state, and who find themselves with increasing technological options, or tools, to make that choice in a way that puts individuals and associations on a level playing field with corporation-state organizations.

Indeed, there are always opportunities for dialogue, but if your vision of 'dialogue' is to convince others that agents of a corporation-state should be given continuing opportunity to suppress choice of the individual as technological development and empowerment proceeds, then I think that it is not dialogue that you would be seeking, but rather, underneath the facade, that would merely be a manifestation of your desire to use coercion and state-sponsored violence to put people in jail who do not share your beliefs. I do not assume that this would be your vision of a 'dialogue,' but I do know that those who ardently advocate for systems that are premised and reliant upon coercion and violence, do not fare well in the context of dialogue acts.

Again, the notion of support for mandatory and coercive regulation of identity, and limitations upon the freedom and choice of the individual in the context of transactions and management of data, constitute an untenable proposal that, if we continue to accept them, would result in a destructive cycle involving slavery, genocide, and perpetual warfare. Such a notion is one that billions across the world, once given the tools and opportunity, will reject ~ as their choices are made known in manifold ways. I harbor no delusions ~ when corporation-states feel threatened, they react, and they use the means of communication that they are most familiar with: coercion and violence. Thus we preventatively defend ourselves through development of liberative technological processes which can assure meaningful, lightweight, and easy-to-use anonymity.

Brad, it occurs to me that I should refer you to this excellent work by Gene Sharp - take your time and read it all the way through (and if you've already seen it or read it, may I direct your attention to pages 4, 7, 8, and 10 (the latter page explains some of the problems with the notion of negotiation in situations like these).

Share this post

Link to post

Share on other sites

Posting the below response on behalf of John Henry Clippinger of ID3 to clear up some fundamental confusion(...)

To Constance Choi and John Henry Clippinger ~ Nobody's confused here. Don't speak down to people who can see through what it is you are doing and are willing to challenge it.

So much of the debate around regulation is a lot of unsubstantiated noise(...)

Thank you for your unsubstantiated and biased opinion. I've taken note of it.

What we are attempting with the Windhover Principles is to draw conceptual lines in the sand to hold us accountable to important human values in building technologies yet to emerge, and create breathing room for all innovators to reiteratively develop, test, and deploy proof of concept on technologies that preserve self-determination and self-expression in this brave new, and some argue, post-nation-state world. Breathing room that allow us to recalibrate that public policy balance based on the real risks and benefits, not merely those espoused by authorities.

If your concept of 'breathing room' includes your support for jailing people who don't comply with the rules of whatever corporation-state that you find yourself in, be it NY, North Korea, the Russian Federation, or anywhere, then you can huff and puff all you want, but nobody has to support your proposals. Privacy and anonymity, and our ability to choose whether to exercise them without exposing ourselves to a guillotine every time we make such a decision, is a matter of individual choice within the context of potential exercise of anonymity. Indeed, there is no requirement that we use organizations that cannot accomodate our choices, and indeed, given the technologies that we are speaking of, there is actually no need for organizational intermediaries when we transact at all.

As applied to these examples, the Second Windhover Principle is intended to protect us against unfettered expansion of government access without real substantiation of the public gains, and in fact allow us to meaningfully cut back on government access where new technologies require us to recalibrate the areas for public concern. In sum, the Second Windhover Principle stands for our right to limit government access to that which is actually needed in the 21st century world, not in the service of long cherished narratives of “protecting the public” and unquantifiable “risk”. It is intended to shape the dialogue so that as technology changes, government actions become not only accountable to the public, but must be reiteratively rebalanced to be proportionate to the real risks posed by technologies, not just a reduction of “anti-money laundering” and “counter-terrorist financing” concerns.

That's a long-winded way of saying that you support the regulation of identity, and the use of legal controls of the corporation-state, backed by coercion and violence, to punish people who do not obey. Indeed, a whitepaper from ID3 on this matter includes the phrase "Compliance by design." Not interested. We do freedom by design ~ not compliance. That's what we do here. You're in the wrong shop.

Divide and conquer is the oldest trick in the book, so let’s build each other up, not tear each other down.

We can agree to disagree. Your proposals are merely digital echoes of past systems of control that long preceded the internet or even the notion of a 'state.' The notion of the use of representation and law, backed by coercion and violence, is an untenable proposition for our future, and one which we need not comport with.

Share this post

Link to post

Share on other sites

Perhaps it is a failure of imagination, but we cannot see any viable nor scalable social ordering where there is no identity, no oversight, no accountability.

And your "viable or scalable social ordering" is based on what principles? Who is on top of the social pyramid in your imagination? The one that controls other peoples money!?

If you want to build a free society the right (not the obligation) of being nobody comes first. Free speech very often is not possible if it isn't truly anonymous. Untraceable money is part of the untraceable speech. Bitcoin in essence is just a message (if you want - announcement) in a p2p network. Why are you so afraid of free speech in specialized p2p networks?

Do you think people are bad "by design" and there must be someone on top of the social pyramid to protect them from their suicidal inclinations?

1

Share this post

Link to post

Share on other sites

Moreover, we specifically address the issue of any entity - government, bank, or vigilante - getting unpermitted access to anyone’s personal data. If you look at the OMS architecture, it is decentralized, autonomous and trustless in its design from bottom to top. To say, as one fellow commentator did, that the Windhover Principles is an “all you can eat buffet for government agencies all over the world” is simply factless and baseless. To the contrary, the Windhover Principles and the architecture of OMS were designed ab initito to prevent such a “buffet” by any actors – government or private.

Here is the buffet:

6. Right of Law Enforcement to Identify Individuals.Appropriately credentialed and verified party with probable cause and court-issued search warrants should be permitted to penetrate the cover of an authenticated persona to reveal the underlying identity of a suspect.

Court orders are ridiculously easy to get and provide no protection at all. I could give you studies regarding the so called court orders in germany, and other people should be able to provide similar information for their respective countries. I would never link all my data and activities to an identity that could be completely unraveled that easily.

Share this post

Link to post

Share on other sites

Posting the below response on behalf of John Henry Clippinger of ID3 to clear up some fundamental confusion around the Windhover Principles and the people behind this .......

Divide and conquer is the oldest trick in the book, so let’s build each other up, not tear each other down.

Best,

Constance Choi

Constance, and John Henry

(sorry to be so informal, but we are made up of both formal and informal enthusiasts for the Bitcoin protocol and all that it can bring)

It is possible that the attempt to Divide and Conquer is already taking place within this very forum.

It is not without notice that Constance has been a member of the Bitcoin Foundation since July of 2013 and in that 14 month period has posted no more than twice, all yesterday at 10:25 AM.

It is also of interest that the exiting Executive Director, Jon Matonis, took it upon himself last year, to open the previously "members only forums" to public view, without consulting the people who had placed trust in the previous communication system. He has made an apology of sorts, however as in all undelivered restitution, it was not yet fixed. Regardless of views on any aspect of government/business, this database was unceremoniously spilled onto the web, with blatant disregard for privacy or the trust that was put in the hands of the Bitcoin Foundation's administration. It does not stop there, but I believe you are starting to understand why "Divide and Conquer" was the correct term, for something we want to change.

To continue this example, as an example only, the privacy of every member of this organization who stated either facts or opinions, was then compromised.

Fortunately the upcoming election may allow the contributing members that are left, to change this tide by electing truly responsible people who do not need to be trusted, but understand the deep rooted concerns your organization and others have brought to the surface. For that we are truly grateful.

However, unknowingly your entry into the foray of this discussion, it is fraught with divide and conquer reasoning, for the reasons Colin has mentioned and by the very fact that you come bearing gifts from the CEO of your organization.

I have no conspiratorial notions about your actions here, for I doubt you will be conscious that the perception you have created was purposefully motivated. It is simply a possibility. The dialogue to compromise is a rabbit hole where we are being asked to join you, with your pocket watch ever-ticking, in the ideas that will take time, but we don't want to be late. Jump, Alice.

And the punch line, Constance and John Henry, is that we will probably never see you again. Because we dared to question your authority, you will make sure this conversation is over, and you will not reply. You will write us off as people who just don't understand, trouble makers, individuals who are damaged, etc.

Or...

you will come back after taking a closer look at who and what you are representing, and be open to a more casual engagement that addresses these individual member's concerns.

I am hoping for the later.

Happy Halloween !

1

Share this post

Link to post

Share on other sites

If I had a business and was looking for investors, I would certainly want to know where their money was coming from and what was really expected in return. If they were bad actors with lots of money, their investments may require more than what was on a paper contract. It's ok to trust, but some level of verification is just good business practice.

Sure. That's why things like requiring financial reports, doing background checks of people and companies are good ideas. And they are routine for people in certain lines of work.

The idea of incorporating some level of such IN A CURRENCY SYSTEM is by contrast, totally nuts.

1

Share this post

Link to post

Share on other sites

The Windhover Principles were drafted by a diverse group of volunteers from around the world, who throughout their lives have been committed to the principles of self-expressi&amp;#111;n, the right of assembly and economic self-determination. Our backgrounds include lifelong commitments in the American civil rights and anti-war movements, and the support of open source solutions to societal challenges. We have been directly involved in the creation and support of Creative Commons, open data, and peer-to-peer collaboration, production and governance. With our founding of the Law Lab at the Harvard Berkman Center, we explored new computational legal models for contracts, economic exchange and for the protection of personal data.

Perhaps it is a failure of imagination, but we cannot see any viable nor scalable social ordering where there is no identity, no oversight, no accountability. But perhaps this is not what Colin Gallagher is saying, as he does conclude with a call for sensible measures for protecting identity and privacy, and poses the alternative of a “consensus-based, voluntary system”. That is precisely what we are proposing in the Windhover Principles; it is opt-in, and a set of principles, not prescriptions, that are grounded in the notion of “self-sovereign identity” and “decentralized autonomous authorities”. It is hard to get all of that on one page.

Colin argues thoughtfully and eloquently about the need to protect individual’s privacy and identities. He rightfully chastises governmental authorities for their abuse of their powers as identity authorities to perpetuate “various types of slavery and genocide,” not to mention, “global warfare.” We also concur with his call for “voluntary trans-identical systems” that “provide options of anonymity and the means to express numerous facets of individual or group identity.”

The problem with developing a one-page statement of principles for a general public - a diverse audience with multiple stakeholders whose consent and participation is vital - is that no matter how artfully you try to express them, there are going to be gaping ambiguities, and hence, fodder for confusion and mischief. A foundational principle of the Windhover Principles is the notion of “self-sovereign identity”, which means, in principle and in architecture, that the individual is the originator and controller of their root identity. It is not under the control of any state, corporation or “authority”, and it should be decentralized, encrypted and secure. To do this in practice is a big deal and significantly alters the rights and powers of Colin’s much distrusted states and authorities - a sentiment we share as well. We, too, espouse and support the anonymity of root identity within OMS (Open Mustard Seed), which does not store any personally identifiable information, and offers the option of multiple pseudo-anonymous identifiers (personas) for individuals, groups and IoT. We also use zero-knowledge methods to protect personal data, strive to eliminate “crumbs”, and aim to strictly defeat attempts for re-identification.

Moreover, we specifically address the issue of any entity - government, bank, or vigilante - getting unpermitted access to anyone’s personal data. If you look at the OMS architecture, it is decentralized, autonomous and trustless in its design from bottom to top. To say, as one fellow commentator did, that the Windhover Principles is an “all you can eat buffet for government agencies all over the world” is simply factless and baseless. To the contrary, the Windhover Principles and the architecture of OMS were designed ab initito to prevent such a “buffet” by any actors – government or private.

Where we do substantively disagree with Colin is in the notion of rule of law. We believe that people, companies, voluntary organizations and even governments need enforceable contracts - where all parties to the contract are held to account. What the blockchain, smart contracts and “decentralized-autonomous-authorities” (“DAOs”) enable is truly revolutionary, a tamperproof, and transparent, contextualized “blind justice” for ALL parties to a contract, including government actors such as regulators. These developments enable us to fundamentally shift the balance of power from decaying and corrupt systems into participatory, just, and inclusive models. How such contracts – social and commercial - would be written and enforced is subject to huge variation and, we hope, continuous, open innovation (something also supported by the Windhover Principles). And it will take time.

No one regulatory approach is suitable for all situations. This is the fatal flaw in “classical” “regulatory” processes. To quote the poet William Blake, “The Law of the Lion and the Ox is Oppression”, which is to recognize the need for a plurality of “laws” but not to argue that there is NO law. This seems to be main the point of contention, as we understand Colin’s argument. To argue that “proportionate enforcement and risk-based regulation” – our call to hold governments accountable to the concept that even seemingly legitimate access and enforcement cloaked in the robes of legality must be transparent and directly proportionate to the real societal risks – are a “poison pill” implies that any regulation, any oversight, any enforcement, where the parties have to be identified in some form and held to account is strictly verboten. That simply is unrealistic and naively Utopian.

We favor, and indeed, have implemented decentralized oversight through smart contracts that can be independent of government tampering, fishing expeditions, back doors, etc., through a trustless escrow system, where regulators would be required to present digital warrants based upon auditable “probable cause.” This is how we see the rule of law manifesting itself in this new decentralized world we all are so excited about. It shifts the current, broken state of affairs – preemptive, closed-door data collection and surveillance by government and private parties - into decentralized trust networks with auditable, transparent access in limited circumstances that we, as a society, agree upon, and consent to. We are wholly agnostic about how individuals, groups or governments implement such “rules” or “regulations”, and we expect to see a full spectrum of variants – on this platform and others – from complete anonymity to full disclosure dependent upon context and consent.

So take another look and don’t give up your accounts on BitPay and Bitstamp, because the Windhover Principles really are not a secret NSA plot, but a genuine, open, and evolving collaboration among your compatriots in this brave, new, decentralized blockchain world, to make it sensibly free and viable.

To get a more complete understanding of who we are and what we advocate, you can download our new book for free (www.idcubed.org), From Bitcoin to Burning Man and Beyond: The Quest for Individual Identity and Autonomy in Digital Society (2014).

Respectfully,

John Henry Clippinger

CEO and Co-Founder ID3

Frankly, I don't think you have the slightest clue what you are talking about or it's real world implications.

One way to find out would be for you to try to debate it with me or some others. Take it to Reddit. I think you've got the sort of concept construction that you'd get away with blathering to a bunch of students in a classroom, and only there. And of course it's a crutch for minions of government. So therefore the free debate won't be engaged in.

Your paper "Privacy and Compliance by Design"

On the one hand, there is a strong policy consensus in the United States and Europe that all individuals must have a basic “data bill of rights” (individual control, transparency, respect for context security, access and accuracy, focused collection, accountability) that protects them against the unauthorized retention and use of personal data. Its architects are nothing less than the White House Consumer Data Bill of Rights, the NISTC (National Strategy for Trusted Identities in Cyberspace), the Department of Commerce Green Paper, and the FTC Report, “Protecting Consumer Privacy in an Era of Rapid Change.” In the EU it is the General Data Protection Regulation (notice, purpose, consent, security, disclosure, access).

No, Sir. Nor the White House, the NISTC, the Dept of Commerce, nor the FTC are going to "help us" protect ourselves. Nor do we need them to "help" us. This will be done by the people themselves if it is done at all. The agencies you mention are of course diametrically opposed to our interests in these respects.

Our vision for OMS is as an inclusive platform to transform how we, as collective Internet users, can take back our personal data, and share it in a trusted and secure way — not only for Bitcoin and digital currency transactions, but for other data and media types as well.”

Your vision has nothing to do with bitcoin, as it is a trustLESS protocol. Your vision has to do with something, perhaps that you'd like to see it morph into.

Share this post

Link to post

Share on other sites

"The idea of incorporating some level of such IN A CURRENCY SYSTEM is by contrast, totally nuts."

Okay. Let me use a paper currency as an example. It is by nature amoral and unthinking. It is simply parts of dead trees, perhaps sitting on a table. Governments then create laws which dictate that transfers of this dead tree stuff in and out of banks must be reported above a certain amount. At this point you have a currency algorithm at work, with behavioral implications for the public and the consumers.

Thus we separate the currency (stacks of crushed dead trees) from the algorithm, and combining them, we have a currency system.

Similarly we can separate the bitcoin protocol from it's usage. It's usage may include exchanges, brokers, on line wallet companies, and other entities which are not required by the bitcoin protocol. These commercial interests would dearly love to have a required functionality in the protocol derived from new government regulation. This is contrary to the expressed intent of the protocol, of course.

By it's very nature and it's acts, such as revealing the membership database publicly, the Bitcoin Foundation cannot be trusted to either maintain the privacy of it's members or the integrity of the BTC protocol. Hence it is actually a good place to float a proposal such as the Winterhover, for those who find it in their interests to advocate such a thing.

1

Share this post

Link to post

Share on other sites

By it's very nature and it's acts, such as revealing the membership database publicly, the Bitcoin Foundation cannot be trusted to either maintain the privacy of it's members or the integrity of the BTC protocol. Hence it is actually a good place to float a proposal such as the Winterhover, for those who find it in their interests to advocate such a thing.

*And in response to Georg Englemann who did not agree with Colin's comment "consider more deeply the privacy of users".

I am do not launder money, as I am not a criminal with money that has been stolen or extorted.

My thoughts are my own (at least so far) and I consider those to be private.

What I consider private is my own private concern, and my own choice. If I do or do not like a political candidate, party or system, it is my choice and if I want to share my private concerns in any of these areas it is my choice who I share my thoughts with. If those that I trust with my thoughts decide they want to tell others for financial or other gain, then my trust has been violated. They will never be trusted by me again because they have proven they cannot be trusted.

CONSIDER was Colin's choice of adjective, which lends itself to respectful discussion.

With new administration here at the Bitcoin Foundation, I expect respectful discussion will return and with it respect for our privacy.

Share this post

Link to post

Share on other sites

*And in response to Georg Englemann who did not agree with Colin's comment "consider more deeply the privacy of users".

I am do not launder money, as I am not a criminal with money that has been stolen or extorted.

My thoughts are my own (at least so far) and I consider those to be private.

What I consider private is my own private concern, and my own choice. If I do or do not like a political candidate, party or system, it is my choice and if I want to share my private concerns in any of these areas it is my choice who I share my thoughts with. If those that I trust with my thoughts decide they want to tell others for financial or other gain, then my trust has been violated. They will never be trusted by me again because they have proven they cannot be trusted.

CONSIDER was Colin's choice of adjective, which lends itself to respectful discussion.

With new administration here at the Bitcoin Foundation, I expect respectful discussion will return and with it respect for our privacy.

It's rather interesting how often it is thought that raising the Looming Spectre of Money Laundering is the lynchpin argument to stop a discussion.

It's not. Not in the least. Arguments made must stand on their own merits or lack of.

Consider the following arguments.

"We need LEO to have full access to Internet users. It's ALL ABOUT CHILD PORN! WE MUST STOP CHILD PORN!"

"We need to build a database of license plates. We can stop CRIME this way." (A state recently did this, and at the point where they had tracking data on 9,000,000 license plates, they had 5 crimes in which the data assisted to a degree.)

"We must have records of all Cash Bank Transactions above a certain amount reported to the Gobblermint. They might be Money Laundering."

In each of the above cases - and many others - the abuse by the authorities far, far has exceeded the benefits to society. In most scenarios of this sort, the actual utilization of the data by the government has little relation to the original supposed cause.